2010年1月26日星期二

Re: [fw-auth] ACL... but completely different

You won't be able to get an instance of the controller from a front controller plugin. I would recommend an action helper.

On Tue, Jan 26, 2010 at 1:22 PM, Laura Dean <ldean@saleamp.com> wrote:

So I am working on an ACL implemtation for my ZF application, but it has to
work completely different than Zend_Acl, more like Sugar CRM.  There is a
base set of system-wide roles and then user roles that can modify these.  A
user may be assigned to multiple roles, and then you have to determine the
most restrictive ACL setting and use this.  I have a few tables in the
database to manage everything:  acls (controller/action/permission options),
roles, and acl_roles (acls_id, roles_id, permission).

To make it more interesting, the controllers may have multiple actions that
may be mapped to the same permission setting.  For instance, the editAction
and duplicateAction would have the same setting in most cases, but not all
controllers have the same set of actions.  Also some controllers may have
only an enabled/disabled access setting that controlls all the actions.

So I was thinking that I should get an instance of the controller from the
AclManager (extends Zend_Controller_Plugin_Abstract) and then have the
controller do some magic to tell the AclManager what ACL setting a
particular action "maps" to.  Is this possible?  Or is there maybe a better
way to do this?

Thanks for any input,
Laura Dean
--
View this message in context: http://n4.nabble.com/ACL-but-completely-different-tp1299970p1299970.html
Sent from the Zend Auth mailing list archive at Nabble.com.


没有评论: